?
Solved

ADS errors and wierdness

Posted on 2011-09-16
2
Medium Priority
?
776 Views
Last Modified: 2012-05-12
I need help answering all these questions / warning / errors reported below
Thank you in advance

We have two separate forest.
(1) Forest named Domain.local
(2) Other forest named Resource.local
There is a one way trust for this domain

Domain.local
Domains trusted by this domain (outgoing trust)
      Blank
Domains that trust this domain (incoming trust)
      Resource.local

We are getting a lot of 40961 errors on member servers that are in the resource.local domain
The errors on the servers report that

The Security System could not establish a secured connection with the server LDAP/DC-A.domain.LOCAL/domain.LOCAL@domain.LOCAL. No authentication protocol was available.

When running best practice analyzer it reports

On resource.local domain

Error: The DC-Resource-C.resource.LOCAL DNS server is referencing the invalid 172.16.1.10 DNS server on the vmxnet3 Ethernet Adapter (MAC: 00:50:FS:B9:10:H0) network adapter.

Error: The DC-Resource-E.resource.LOCAL DNS server is referencing the invalid 172.16.1.10 DNS server on the Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) (MAC: 28:1B:hB:92:De:84) network adapter.


Error: Dynamic DNS registration is enabled on the vmxnet3 Ethernet Adapter (MAC: 00:50:FS:B9:10:H0)  external network adapter on DC-Resource-C.resource.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) (MAC: 28:1B:hB:92:De:84) external network adapter on the DC-Resource-E.resource.LOCAL server.

See also: KB 816592

Warning: The DC-Resource-C.resource.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-Resource-E.resource.LOCAL server is not connected to any of the specified subnets.


On domain.local domain

Error: A subnet was not defined in this wizard for the 172.16.4.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.5.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.6.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.7.0/24 subnet found in the Office Active Directory site.

Error: A subnet was not defined in this wizard for the 172.16.8.0/24 subnet found in the Office Active Directory site.



The Start of Authority resource record could not be found for the resource.local zone on the DC-A.domain.LOCAL DNS server.

The Start of Authority resource record could not be found for the resource.local zone on the DC-B.domain.LOCAL DNS server.

The Start of Authority resource record could not be found for the resource.local zone on the DC-C.domain.LOCAL DNS server.

The Start of Authority resource record could not be found for the resource.local zone on the DC-D.domain.LOCAL DNS server.



Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-C.domain.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-D.domain.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-E.domain.LOCAL server.

Error: Dynamic DNS registration is enabled on the Broadcom NetXtreme Gigabit Ethernet (MAC address: 04:62:99:h2:26:21) external network adapter on the DC-F.domain.LOCAL server.


Warning: The DC-C.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-D.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-E.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-F.domain.LOCAL server is not connected to any of the specified subnets.

Warning: The DC-G.domain.LOCAL server is not connected to any of the specified subnets.




0
Comment
Question by:Indyrb
2 Comments
 
LVL 18

Accepted Solution

by:
Sajid Shaik M earned 2000 total points
ID: 36553308
this is the issue of DNS forwarders....

firstly create DNS forwarders in bothe servers as forwarders to each other.....


i.e rightclick DNS- Properties-forwarders-put the other server DNS- and finish....


in tcp ip properties put both DNS on each site primery and secondery....


ping both IP's and DNS...

then created trust relation ship....


all the best
0
 
LVL 5

Author Comment

by:Indyrb
ID: 36561619
So we have 6 ADS/DNS servers in each of the domains.
domain.local and resource.local

How should each server be forwarded in DNS

On each DNS server should it have itself as primary dns, then what as secondary dns
should others be added?

Should dynamic updates be enabled
Where is this configured?

What about use DNS suffix for this connection
0

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This installment of Make It Better gives Media Temple customers the latest news, plugins, and tutorials to make their VPS hosting experience that much smoother.
In a Cross Forest, the steps to migrate users are quite complicated and even in the official articles of Technet there is no clear recommendation on which approach to take .. From an experience, I mention and simplify which way to go and how to use …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question